The verification code changes when recording, so if you want to use BurpSuite for replay attacks, you need to find a login website that does not need the verification code. 2.2. 2 During the experiment, first of all, according to the above analysis of replay attacks, I chose Touniu Net for the experiment. You can see that its login page does not need to enter a verification code. Then log in, And open BurpSuite to observe the intercepted login information, Forward the unwanted response in the past, Find the important information part, and the intercepted content is shown in the following figure: the circled part is my login name and encrypted password. Record the information to carry out replay attack. When accessing the login page again, only the request needs to be released again to achieve the login effect, without inputting the user name and password. The way to replay the attack is as follows, Choose Block Login Info. Right-click SendtoRepeater for a replay attack, Then enter the Repeater tab to observe, You can see that the content of the attack that you will replay appears in the request interface. Stand-alone go makes replay attacks, The return information of the page appears in the response interface, It represents the success of login authentication, as shown in the following figure: Let's modify the login information just recorded and replay it again to see how the results will be different. Here, I have deleted several digits from the user name, so the login will fail. Through the Compare tab, we can compare the page response after two logins.胡钧却一把抢了回去,瞪了她一眼道:分一半给林火长。Sorry to force a wave of chicken soup. Originally, I planned to write a machine learning series last year, but after writing three articles for work and physical reasons, there was no more. In the first half of this year, I was tired to death after doing a big project. In the second half of this year, I just took a breath of relief, so the follow-up that I owed before will definitely continue to be even more. In order not to let everyone worship blindly, I decided to write a series of in-depth study, one article per week, which will end in about three months. Teach Xiaobai how to get started. And finished! All! No! Fei! ! It is not simply to write demo and tuning parameters that are available on the Internet. Reject demo, start with me! If you don't understand, please leave a message under my article. I will try my best to reply when I see it. This series will mainly adopt the in-depth learning framework of PaddlaPaddle, and will compare the advantages and disadvantages of Keras, TensorFlow and MXNET (because I have only used these four frameworks, there are too many people writing TensorFlow, and I am using PaddlePaddle well at present, so I decided to start with this). All codes will be put on github (link: https://github.com/huxiaoman7/PaddlePaddle_code). Welcome to mention issue and star. At present, only the first article () has been written, and there will be more in-depth explanation and code later. At present, I have made a simple outline. If you are interested in the direction, you can leave me a message, and I will refer to the addition ~从小哥哥背着她靠给人吹喜丧乐度日,后来还供珍珠上了艺专,可是一次意外使让珍珠不得不辍学,所以她对这个不成材的哥哥毫无怨言,每次都是倾囊相助。为此,她被歹人侮辱,被别人笑话,她求哥哥改邪归正,可是每次元宝都有一堆的理由说服她,珍珠也只能无条件地妥协。现在这些东西都是刚才理顺思路,脑子飞速转动想到的。The 24-second rule: The attacking team must shoot within 24 seconds when controlling the ball on the court (24 seconds in NBA, CBA, CUBA, WNBA and other matches, and 35 seconds in NCAF matches).